Tunnel Concentrator supports tunnel redundancy and failover between multiple instances of the application. Redundancy ensures that tunneling services remain active even if a Tunnel Concentrator instance fails, or if the server on which the application is installed goes down.
As a best practice, use Tunnel Concentrator instances that are installed on different physical Universal Compute Platform boxes. Redundant instances must be in the same network segement with layer 2 connectivity so that services are not affected by a server failure.
Redundancy configuration and functionality depend on whether you use ExtremeCloud IQ Controller or ExtremeCloud IQ as the management entity.
Configure redundancy using the GRE topology for a given VLAN. You can assign up to three prioritized Tunnel Concentrator instances to the topology. The AP attempts to send traffic to the highest ranked Tunnel Concentrator instance first. If that connection fails, the AP attempts to connect to the second instance, and if that connection fails, the AP attempts the third instance.
The priority ranking between multiple Tunnel Concentrator instances depends on whether you also select load balancing:
If load balancing is selected—The priority ranking of the three Tunnel Concentrator instances is selected randomly to ensure that the traffic load gets balanced evenly across the instances.
If load balancing is not selected—The first Tunnel Concentrator instance in the list is given the highest priority ranking followed by the second instance and then the third instance.
Note
ExtremeCloud IQ Controller must be configured to allow an ICMP ping between the access point and the controller. The ping is required for tunnel failover to work.For an illustration of redundancy with ExtremeCloud IQ Controller, see Figure 2.
Configure redundancy on ExtremeCloud IQ using the Tunnel Concentrator service and Tunnel Concentrator policy configurations. Redundancy uses a tunnel address that is shared using VRRP by both Tunnel Concentrator instances in a redundant pair. You can then assign primary and redundant instances, each with their own address, to that tunnel configuration.
When APs send data through a tunnel, they send the data to the shared VRRP address of the Tunnel Concentrator instances in the HA pair. The HA pair has an active Tunnel Concentrator instance and a standby instance with data being directed to the active instance. However, if the active instance goes down or becomes unavailable, the standby instance becomes active.
Figure 3 illustrates redundancy with three redundant pairs of Tunnel Concentrator instances spread across two Universal Compute Platform machines and with ExtremeCloud IQ as the management option.
To add load balancing when using ExtremeCloud IQ, create more than one Tunnel Concentrator service under .